475 matches found
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Productivity Center (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Tivoli Storage Productivity Center. UPDATED 1/29/2018: Even after fixing this vulnerability some vulnerability checks might still demand for an even tighter fix. A more comprehensive fix has bee...
Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Control (CVE-2021-44228)
Summary A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Control due to its use of Log4j for logging, tracing, alerting, and the local help documentation. Vulnerability Details CVEID: CVE-2021-44228...
Security Bulletin: Vulnerability in Apache Log4j affects Netcool Operation Insight (CVE-2021-44228)
Summary A vulnerability was identified within the Apache Log4j library that is used by Netcool Operation Insight to provide logging functionality. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...
Security Bulletin: IBM Spectrum Protect Snapshot for VMware is vulnerable to Logjam (CVE-2015-4000)
Summary IBM Spectrum Protect Snapshot for VMware is vulnerable to Logjam CVE-2015-4000 Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHEEXPORT ciphersuite choice. A...
Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Protect Snapshot for VMware (CVE-2021-44228)
Summary A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Protect Snapshot for VMware due to its use of Log4j for logging of messages and traces. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apac...
Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)
Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected. Vulnerability Details...
Mageia: Security Advisory (MGASA-2015-0246)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)
VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux virtua...
Security Bulletin: Vulnerability in Apache Log4j affects IBM Operational Decision Manager (CVE-2021-44228)
Summary Rule Designer, shipped with IBM Operational Decision Manager since version 8.10.4 includes log4j-core.jar that contains the vulnerable code. The fix includes Apache Log4j 2.15. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...
VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution Exploit
VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux...
Security Bulletin: Vulnerability in Apache Log4j affects Cloud Pak for Security (CVE-2021-44228)
Summary Cloud Pak for Security CP4S v1.9.0.0 and earlier is impacted by Log4Shell CVE-2021-44228, through the use of Apache Log4j's JNDI logging feature. This vulnerability has been addressed in the updated versions of CP4S images. Please see remediation steps below to apply fix. All customers ar...
Security Bulletin: Apache Log4j vulnerability affects IBM Cloud Pak for Automation (CVE-2021-44228)
Summary A remote code execution vulnerability has been reported for log4j-core-2.x libraries, which are used in various components of IBM Cloud Pak for Business Automation. Vulnerability Details CVEID:CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code...
Security Bulletin: Rational Test Automation Server is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)
Summary Apache Log4j vulnerability associated with the Rational Performance Tester Apache JMeter™ Test Extension impacts Rational Test Automation Server. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system,...
Security Bulletin: IBM QMF Analytics for Multiplatforms is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)
Summary Apache Log4j is used by the QMF Vision component of IBM QMF Analytics for Multiplatforms as part of its logging infrastructure and is vulnerable to arbitrary code execution CVE-2021-44228. The fix includes Apache Log4j v2.17.0. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apac...
Security Bulletin: Vulnerabilitiy in Apache Log4jaffects IBM Observability with Instana - Server and Agents (CVE-2021-44228)
Summary Vulnerabilities detected in Apache Log4j versions before v2.16.0 affects IBM Observability with Instana. These have been addressed in both the Server and Agent components. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...
Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects Engineering Lifecycle Management and IBM Engineering products
Summary There is a high risk Remote Attack Vulnerability in Apache Log4j CVE-2021-44228 which is used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Workflow Management EWM, IBM Engineering Systems...
Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC
Summary Log4j is used by IBM Power Hardware Management Console HMC for logging system/application events for diagnostics. This bulletin provides a remediation for the vulnerability, CVE-2021-44228 by upgrading IBM Power Hardware Management Console HMC respective PTF and thus addressing the exposu...
Security Bulletin: Vulnerability in Apache Log4j addressed in IBM Spectrum Symphony
Summary Log4j is used by IBM Spectrum Symphony for generating logs in some of its components. This bulletin provides patches for the Log4Shell vulnerability CVE-2021-44228 to IBM Spectrum Symphony. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker...
Security Bulletin: Vulnerability in Apache Log4J adressed in Crypto Hardware Initialization and Maintenance (CVE-2021-44228)
Summary Crypto Hardware Initialization and Maintenance CHIM 3.0.0 as shipped with CCA 7.2.55 for MTM 4769 is affected by a vulnerability in Apache Log4J CVE-2021-44228. CHIM is using Apache Log4J for internal logging purposes of regular user activity. Vulnerability Details CVEID: CVE-2021-44228...
Security Bulletin: Rational Performance Tester (RPT) is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)
Summary Apache Log4j vulnerability impacts Rational Performance Tester RPT Apache JMeter™ Test Extension. Rational Performance Tester RPT includes a vulnerable Log4j library that may be detected by a vulnerability scan. This bulletin addresses the vulnerabilities for the reported CVE-2021-44228...